Symlink race (original) (raw)
Eine Symlink-Schwachstelle (aus engl. symlink bug; auch symlink vulnerability genannt, zu dt. Verwundbarkeit [durch] symbolische Verknüpfungen) ist eine Sicherheitslücke, die es einem Angreifer erlaubt, beliebige Dateien mit den Rechten des ausgeführten Programmes zu schreiben.
| Property | Value |
|---|---|
| dbo:abstract | Eine Symlink-Schwachstelle (aus engl. symlink bug; auch symlink vulnerability genannt, zu dt. Verwundbarkeit [durch] symbolische Verknüpfungen) ist eine Sicherheitslücke, die es einem Angreifer erlaubt, beliebige Dateien mit den Rechten des ausgeführten Programmes zu schreiben. (de) A symlink race is a kind of software security vulnerability that results from a program creating files in an insecure manner. A malicious user can create a symbolic link to a file not otherwise accessible to them. When the privileged program creates a file of the same name as the symbolic link, it actually creates the linked-to file instead, possibly inserting content desired by the malicious user (see example below), or even provided by the malicious user (as input to the program). It is called a "race" because in its typical manifestation, the program checks to see if a file by that name already exists; if it does not exist, the program then creates the file. An attacker must create the link in the interval between the check and when the file is created. A symlink race can happen with antivirus products that decide they will quarantine or delete a suspicious file, and then go ahead and do that. During the interval between decision and action, malicious software can replace the suspicious file with a system or antivirus file that the malicious software wants overwritten. (en) Symlink race – atak na uprzywilejowaną aplikację nieprawidłowo przeprowadzającą operacje na plikach. (pl) |
| dbo:wikiPageID | 1857208 (xsd:integer) |
| dbo:wikiPageLength | 3317 (xsd:nonNegativeInteger) |
| dbo:wikiPageRevisionID | 1115673478 (xsd:integer) |
| dbo:wikiPageWikiLink | dbr:Unix dbr:Time-of-check_to_time-of-use dbc:Computer_security_exploits dbr:Antivirus dbr:Computer_file dbr:Setuid dbr:Account_(computing) dbr:POSIX dbc:Unix dbr:Superuser dbr:Symbolic_link dbr:C_standard_library dbr:Race_condition dbr:Vulnerability_(computer_science) |
| dbp:wikiPageUsesTemplate | dbt:Refimprove dbt:Reflist dbt:Man dbt:Unix-stub |
| dct:subject | dbc:Computer_security_exploits dbc:Unix |
| rdf:type | yago:WikicatComputerSecurityExploits yago:Abstraction100002137 yago:Accomplishment100035189 yago:Act100030358 yago:Action100037396 yago:Event100029378 yago:Feat100036762 yago:PsychologicalFeature100023100 yago:YagoPermanentlyLocatedEntity |
| rdfs:comment | Eine Symlink-Schwachstelle (aus engl. symlink bug; auch symlink vulnerability genannt, zu dt. Verwundbarkeit [durch] symbolische Verknüpfungen) ist eine Sicherheitslücke, die es einem Angreifer erlaubt, beliebige Dateien mit den Rechten des ausgeführten Programmes zu schreiben. (de) Symlink race – atak na uprzywilejowaną aplikację nieprawidłowo przeprowadzającą operacje na plikach. (pl) A symlink race is a kind of software security vulnerability that results from a program creating files in an insecure manner. A malicious user can create a symbolic link to a file not otherwise accessible to them. When the privileged program creates a file of the same name as the symbolic link, it actually creates the linked-to file instead, possibly inserting content desired by the malicious user (see example below), or even provided by the malicious user (as input to the program). (en) |
| rdfs:label | Symlink-Schwachstelle (de) Symlink race (pl) Symlink race (en) |
| owl:sameAs | freebase:Symlink race yago-res:Symlink race wikidata:Symlink race dbpedia-de:Symlink race dbpedia-pl:Symlink race https://global.dbpedia.org/id/54wN4 |
| prov:wasDerivedFrom | wikipedia-en:Symlink_race?oldid=1115673478&ns=0 |
| foaf:isPrimaryTopicOf | wikipedia-en:Symlink_race |
| is dbo:wikiPageRedirects of | dbr:Symlink_race_condition |
| is dbo:wikiPageWikiLink of | dbr:Vulnerability_(computing) dbr:Symbolic_link dbr:Race_condition dbr:Symlink_race_condition |
| is foaf:primaryTopic of | wikipedia-en:Symlink_race |